Recreating SOS Collab self-signed SSL Certificates

A collection of information about Collab, including solutions to common problems.

Moderator: SourceGear


Posts: 9736
Joined: Tue Dec 16, 2003 1:25 pm
Location: SourceGear
PostPosted: Fri Jun 04, 2004 8:37 am
Recreating SOS Collab self-signed certificates

If your SOS Collab certificates have expired, new certificates will need to be generated.

First, extract the contents of createsslcerts.zip to a temporary location on the SourceOffSite Collaborative Edition Servers machine. This zip should contain three files. The createsslcerts.exe file creates new Secure Sockets Library (SSL) Certificates for the SourceOffSite Collaborative Edition Servers.

The following information will need to be provided for the program to run properly.

Server Directory Path
This is the path to the SourceOffSite Collaborative Edition Servers folder. If you accepted the defaults during the SourceOffSite Collab Servers install, this would be C:\Program Files\SourceOffSite Collab Servers. To make sure you have the correct path, please browse for the path.

Server Certificates Directory Path
This is the folder that the SSL Certificates will be created in. If this folder already exists, please verify that it is empty. All files in the folder will be deleted before the certificates are created. If you accepted the defaults during the SourceOffSite Collab Servers install, this would be C:\Program Files\SourceOffSite Collab Servers\SSL\Certs. To make sure you have the correct path, please browse for the path. After this program is run, this path will need to be entered in the Primary Server Certificate Directory and Web Server Certificate Directory fields in the SSL Certificates tab of the SOS Collab Server Manager.

Certificate Password
This should be a random 10-digit string. It can be any value as long as you remember what this value is after this program is run. This string will need to be entered in the Primary Server Certificate Password and Web Server Certificate Password" fields in the SSL Certificates tab of the SOS Collab Server Manager.

Server Machine Host Name
The name of the SourceOffSite Collab Servers machine.

Server Machine Domain Name
The name of the domain in which the SourceOffSite Collab Servers machine resides.

To use createsslcerts.exe Stop the SourceOffSite Collab Primary and Web Server services under the Services Control Panel.

Launch createsslcerts.exe and fill in all the fields.

Please Note: Certutil.exe takes a "-v months-valid" argument, which defaults to 3. To increase the duration of the certificate, add “-v 9” (for example) to each command to add 9 months to the default of 3 months, to create a certificate that is valid for 12 months. If you want the certificate to be valid for only 6 months, the argument would be “-v 3.”


Click the Create Certificates button.


A Command Prompt window should be loaded. If the program encounters any errors, this window should stay up and display the error. If no errors are encountered, the window should automatically close shortly after it is launched.


After the Command Prompt window closes, check the directory provided as the Server Certificates Directory Path and verify that the following files were created in this directory: cert7.db, key3.db, secmod.db.


Now, open the SOS Collab Server Manager, under the SSL Certificates tab, verify that the "Primary Server Certificates Directory" and "Web Server Certificate Directory" fields are correct. In the Primary Server Certificate Password and Web Server Certificate Password fields, enter the Certificate Password provided during the SSL Certificates creation.


Now start the SourceOffSite Collab Primary and Web Server services under the Services Control Panel. The Server services should successfully start and you should be able to successfully login to the SOS Collab Servers.
Attachments
Collab NewCerts.zip
Utility to create certificates
(25.06 KiB) Downloaded 2628 times
Linda Bauer
SourceGear
Technical Support Manager

Return to Knowledge Base (Collab)

Who is online

Users browsing this forum: No registered users and 1 guest

cron